Who is responsible for collecting data on this website?
Data processing on this website is carried out by the website owner whose contact details can be found in the Legal information of this website.
How do we collect your data?
Your data are collected when you provide them to us. For example, these can be data which you enter into a contact form.
Other data are collected automatically by our IT systems when you visit our website. These are mainly technical data (e.g. Internet browser, operating system and time of accessing the page). These data are collected automatically as soon as you access our website via your browser.
How do we use your data?
Some of the data are collected to ensure correct presentation of the website. Other data can be used to analyse user behaviour.
What rights do you have regarding your data?
You have the right to receive information on the origin, the recipient and the purpose of your stored personal data at any time free of charge. You also have the right to request correction, amendment, restriction or deletion of these data. To exercise your rights or if you have any other questions regarding data protection, please contact us at any time at the address listed under “Imprint and General Terms of Business” on this website. In addition, you have the right to complain to the relevant data protection authority.
Analysis tools and third-party tools
When you visit our website, your Internet activity can be evaluated statistically. This is done mainly by means of cookies and analysis programs. The analysis of your Internet activity is usually anonymous; the internet activity cannot be traced back to you. You may object to this analysis or prevent it by not using certain tools. Refer to the data privacy statement below for more detailed information.
You can object to this analysis. The data privacy statement provides information on how to object.
The website owner takes the protection of your personal data very seriously. When you use this website, various personal data are collected. Personal data are data which enable you personally to be identified. This Data Privacy Statement explains which data we collect and what we use them for. It also explains how this is done and for what purpose.
We would like to point out that the transfer of data via the Internet (e.g. when communicating by e-mail) may have security vulnerabilities. It is not possible to protect data completely from access by third parties.
We treat your personal data confidentially and in accordance with the legal data protection legislation and this Data Privacy Statement. This means the personal data of users are processed as follows when they visit this website (without additional contact by e-mail):
Types of personal data processed:
Categories of data subjects
Visitors and users of the website (hereinafter all referred to as “Users”).
Purpose of processing
As a responsible provider we dispense with automatic decision-making and profiling.
This Data Privacy Statement uses, among others, the following legal terms which are used by the European body issuing directives and regulations in the General Data Protection Regulation (GDPR) and which are defined therein in Art. 4 (Definitions) as follows:
“Personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
ROBEL Bahnbaumaschinen GmbH
The controller is the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses and similar).
Data protection officer
In case of questions or suggestions regarding data protection and to enforce your rights as data subject please contact our data protection officer at any time:
ROBEL Bahnbaumaschinen GmbH
- Datenschutz - (Data privacy)
Right to lodge a complaint with a supervisory authority
You have the right to complain to a supervisory authority, in particular in the member state of your place of residence, your workplace or the place of the probable infringement if you are of the opinion that the processing of your personal data is unlawful.
Rights of the data subjects
The applicable data protection law grants you, as the data subject, extensive rights vis-a-vis the controller with regard to the processing of your personal data (right of access and intervention) about which we inform you below:
Right of access as per Art. 15 GDPR: In accordance with Art. 15 GDPR, you have the right to obtain from us information about your personal data processed by us. You should provide precise information on your request in the application so that it makes it easier to compile the data required. Please note that your right of access may be restricted under certain circumstances in accordance with legal regulations (in particular Article 34 of the German Data Protection Law and Art. 10 of the Bavarian Data Protection Law).
Right to rectification as per Art. 16 GDPR: You have the right to rectification of inaccurate personal data concerning you and/or completion of incomplete data stored by us without undue delay.
Right to erasure as per Art. 17 GDPR: You have the right to request erasure of personal data concerning you if the conditions listed in Art. 17 Para. 1 GDPR apply. However, this right is not applicable in particular where the processing is required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.
Right to restriction of processing as per Art. 18 GDPR: You have the right to request restriction of processing of your personal data for a period enabling the verification of the accuracy of the personal data, if you oppose the erasure of your personal data due to improper data processing and request the restriction of their use instead; if you require your personal data for the establishment, exercise or defence of legal claims where we no longer need the personal data for the purposes of the processing; or if you have objected due to your particular situation pending the verification whether our legitimate grounds override your reasons.
Right to notification as per Art. 19 GDPR: If you have exercised your right to rectification, erasure or restriction of processing against the controller, the controller shall communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about those recipients.
Right to data portability as per Art. 20 GDPR: You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to request transmission of those data to another controller provided this is technically feasible.
Right to withdraw consent as per Art. 7 Para. 3 GDPR: You have the right to withdraw your consent to processing of your data at any time with future effect. In case of withdrawal of consent, we shall delete the data concerned without delay, provided further processing cannot be supported by a legal basis for processing without consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Right to object as per Art. 21 GDPR: You have the right to object to future processing of your personal data at any time in accordance with the provisions of Art. 21 GDPR. The objection may be in particular to processing of the personal data for direct marketing purposes.
Data collected on our website
If a user does not want cookies to be stored on his computer, he must deactivate the relevant option in the system settings of his browser. It is also possible to delete cookies already stored via the system settings of the browser. The blocking of cookies can lead to functional impairment of this website.
You can find further information on cookies here https://www.robel.com/en/cookie-notice/.
Server log files
The hosting services from our hosting provider are used to provide the following services for our website: Infrastructure and platform services, computer capacity, data storage and database services, security services and technical maintenance services which we use for the purpose of operating this website. We or our hosting provider process contact data (in case of e-mail contact: e-mail address), usage data, meta and communications data of users of this website on the basis of our legitimate interest in an efficient and safe provision of this website in accordance with Art. 6, Para. 1 (f) GDPR in conjunction with Art. 28 GDPR.
We or our hosting provider collect various general data and information on each access of our website by a data subject or an automated system. These general data and information are stored in the log files of the server. The following may be recorded (1) browser type and version used, (2) operating system used by the accessing system, (3) the web page from which the accessing system reaches our website (so-called referrer), (4) the sub-pages which are called up on our website by an accessing system, (5) the date and time of the access to the website, (6) the IP address, (7) the Internet service provider of the accessing system and (8) other similar data and information which are used to prevent danger in case of attacks on our IT systems.
When using these general data and information, we or our hosting provider draw no conclusions about the data subject. This information is rather required to (1) correctly display the contents of our website, (2) optimise the contents of our website and the advertising of same, (3) ensure the continuous functionality of our IT systems and the technology of our website and (4) to be able to provide the law enforcement agencies with the information necessary for law enforcement in case of a cyber attack. The server log file data are stored separately from any personal data provided by a data subject.
Access and security protocols at system level are maintained by the service used by us https://platform.sh/ for diagnostic purposes. These protocols are not accessible to us. These protocols are stored for a minimum of 6 months and a maximum of 1 year. Protocols at general system level are stored for a minimum of 30 days and a maximum of 1 year.
If you are contacting us (e.g. by e-mail, telephone or social media), the user data are processed in accordance with Art 6, Para. 1 (b) GDPR to deal with the enquiry. The data provided by the user may be stored in a customer relationship management system (“CRM system”) or a similar enquiry system.
If you send us enquiries by e-mail, the data from the e-mail enquiry form including the contact data provided therein are stored by us to process the enquiry and in case of follow-on questions. We do not pass these data on to third parties without your consent.
Processing of the data provided in an e-mail therefore takes place exclusively on the basis of your consent (Art. 6 Para. 1 (a) GDPR). You can withdraw your consent at any time. It is sufficient to inform us of this by e-mail. The lawfulness of any data processing up to withdrawal of consent shall not be affected by the withdrawal of consent.
The data provided in an e-mail remain with us until you request their deletion, withdraw consent for their storage or the purpose for their storage is no longer applicable (e.g. after processing of the enquiry is completed). Mandatory legal requirements - in particular retention periods - shall not be affected.
In accordance with Art. 13 GDPR we have to inform you of the legal basis for collecting personal data. Where the legal basis is not expressly mentioned in this Data Privacy Statement, the following shall apply: The legal basis for obtaining consent are Art. 6, Para. 1 (a) and Art. 7 GDPR, the legal basis for data processing to provide our services and implement contractual measures as well as reply to enquiries is Art. 6, Para. 1 (b) GDPR, the legal basis for data processing to meet our legal obligations is Art. 6, Para. 1 (c) GDPR and the legal basis for data processing to protect our legitimate interest is Art. 6, Para. 1 (f) GDPR.
Disclosure of data
The disclosure of your personal data to third parties for purposes other than those listed below does not take place. We disclose your personal data to third parties only if:
If we disclose data to other persons or companies (processors or third parties) within the scope of data processing, transmit data to them or grant them other access to data, this will be done on the basis of statutory authorisation or on the basis of your consent or because a legal duty provides for this or on the basis of our legitimate interests (e.g. when using a hosting provider etc.).
If we enter into a “data processing agreement” with a third party for the processing of personal data, this is done on the basis of Art. 28 GDPR.
If we process data in a third country (i.e. outside the European Union (EU) or outside the European Economic Area (EEA)) or if this takes place within the scope of utilising the services of third parties by disclosure or transmission of data to third parties, this shall be done only if it is done to meet our (pre)-contractual obligations, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. Subject to legal and contractual permissions, we process the data or the data are processed in a third country only if the special conditions of Art. 44 ff GDPR are met. This means, processing takes place, for example, on the basis of special guarantees such as the officially accepted decision that the level of data protection is equivalent to that of the EU (e.g. for the USA by means of the “Privacy Shield”) or observance of officially accepted special contractual provisions (“Standard Contract Clauses”).
Erasure of data / restriction of processing
The personal data processed by us are erased or their processing is restricted in accordance with Art. 17 and Art. 18 GDPR. Unless expressly stated in this Data Privacy Statement, the data stored by us are erased as soon as they are no longer required for their intended purpose and the erasure does not conflict with the legal obligation to retain such data. This applies, for example, to data which must be stored for reasons of commercial or tax law (e.g. Art. 257 German Commercial Code, Art. 147, Para. 1 German Tax Code - retention for up to 10 years). If the data are not erased because they are required for other legally permissible purposes, their processing will be restricted. This means the data will be restricted and not processed for any other purpose.
Data protection provisions for the use of YouTube
The data controller has integrated components of YouTube on this website. YouTube is an Internet video portal which allows the free placing of video clips and the free viewing, rating and commenting by other users of these. YouTube permits the publication of all types of videos so that complete films and TV broadcasts, but also music videos, trailers or videos made by users themselves can be called up via the Internet portal.
The operating company of YouTube is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
By calling up one of the pages of this website which is operated by the controller responsible for data processing and into which a YouTube component (YouTube video) has been integrated, the relevant YouTube component automatically causes the Internet browser on the IT device of the data subject to download the relevant YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/intl/en/yt/about/. As part of this technical process, YouTube and Google will gain knowledge on which specific page of our website has been visited by the data subject.
If the data subject is simultaneously logged into YouTube, YouTube will recognise on calling up a page containing a YouTube video which specific page of our website has been visited by the data subject. This information is collected by YouTube and Google and linked to the YouTube account of the data subject.
YouTube and Google always receive the information via the YouTube component that the data subject has visited our web page if the data subject is simultaneously logged into YouTube when calling up our web page; this takes place independently of whether the data subject clicks on a YouTube video or not. If the data subject does not wish that this information is transmitted to YouTube and Google, the data subject can prevent this transmission by logging out of the YouTube account before calling up our web page.
Service provider JotForm
Our website links to a form of the jotform.com website operated by JotForm Inc. The operator of this website is JotForm Inc., 111 Pine St. Suite 1815, San Francisco, CA 94111, USA.
We use this form to provide you with an opportunity to contact us and to register for an event. By entering text and optionally selecting the offered checkboxes in this form, after clicking on the submit button, this data will be transmitted to us and stored on the German servers of JotForm Inc. for the purpose of processing the request as well as in case of follow-up questions. Please note that a direct connection to the servers of JotForm Inc. is made when you visit this form website of JotForm Inc.
With JotForm Inc., we have signed a data-processing agreement in which JotForm has committed itself to protect our customers' data and not to disclose it to third parties.
Data protection for job applications and during the application process
The data controller collects and processes the personal data of applicants for the purpose of carrying out the application process. Processing may also take place electronically. This is the case in particular if an applicant has submitted the application documents to the controller electronically, for example by e-mail or via a web form on a web page. If the controller enters into an employment contract with an applicant, the data transmitted are stored for the purpose of processing the employment relationship taking account of the legal provisions. If the controller does not enter into an employment contract with the applicant, the application documents shall be automatically deleted six months after notification of the negative reply provided no other legitimate interests of the controller conflict with this. Other legitimate interests in this context are, for example, an obligation to provide proof in proceedings under the German Equality Act (AGG).
We take organisational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of the data protection legislation are observed and in this way to protect data processed by us against accidental or deliberate manipulations, loss, destruction or against access by unauthorised persons.
Data protection information for journalists and press representatives
Data is processed for inclusion in our press mailing list to send information about our company and our products in the form of press releases. If necessary, we process your data to protect the legitimate interests of us or third parties e.g. Processing in the CRM system.
You can find further information on the data access rights, the storage period of your personal data and the data protection and objection rights in the following document:
What is Google reCAPTCHA?
Why do we use reCAPTCHA on our website?
We do everything we can to protect ourselves from bots or spam software of all kinds and to offer you the best possible user friendliness. For this reason, we use Google reCAPTCHA from Google. So we can be pretty sure that we will remain a "bot-free" website. By using reCAPTCHA, data is transmitted to Google to determine whether you really are human. reCAPTCHA thus serves the security of our website and subsequently also your security. For example, without reCAPTCHA, it could happen that a bot registers as many e-mail addresses as possible when registering, in order to subsequently "spam" forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.
What data does reCAPTCHA store?
reCAPTCHA collects personal data from users to determine whether the actions on our website really come from people. So the IP address and other data that Google needs for the reCAPTCHA service can be sent to Google. Within the member states of the EU or other contracting states of the Agreement on the European Economic Area, IP addresses are almost always shortened before the data ends up on a server in the USA. The IP address will not be combined with other Google data unless you are logged in with your Google account while using reCAPTCHA. First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed on your browser. Then reCAPTCHA sets an additional cookie in your browser and takes a snapshot of your browser window.
The following list of collected browser and user data is not exhaustive.
Rather, they are examples of data that we understand to be processed by Google:
It is undisputed that Google uses and analyzes this data even before you click on "Submit", which is why we have integrated an approval box that notifies you of this special marketing cookie and only lets you fill out the contact or product request, provided that you click agree to the setting of reCAPTCHA.